Skip to content

Instantly share code, notes, and snippets.

@codersatx

codersatx/login.class.php

Created June 17, 2011 19:35
Show Gist options
  • Save codersatx/1032131 to your computer and use it in GitHub Desktop.
Save codersatx/1032131 to your computer and use it in GitHub Desktop.
Download ZIP
A simple login class to do basic protection on a folder.
Raw
login.class.php
<?php if ( ! defined('BASEPATH')) exit('No direct access allowed');
/**
* Handles a simple login scenario.
*
* @author Alex Garcia
* @copyright 2011
*/
class Login{
//An array of values used in the system.
//@var array
public $config;
//---------------------------------------------------------------------------------
/**
* Creates an instance of our Login object and sets the config values.
*/
public function __construct()
{
require_once('config.php');
$this->config = $config;
}
//---------------------------------------------------------------------------------
/**
* Attempts to authenticate a user based on the creds provided.
*
* @return mixed void or string error message.
*/
public function do_login()
{
if ('POST' == $_SERVER['REQUEST_METHOD'])
{
$username = $this->_get_input('username');
$password = $this->_get_input('password');
if($this->_authenticate($username, $password))
{
session_start();
$_SESSION['authenticated'] = 1; // store session data
session_write_close();
header('Location:'. $this->config['default_page']);
}
else
{
return $this->config['error_message'];
}
}
return false;
}
//---------------------------------------------------------------------------------
/**
* Private method which checks the credentials.
*
* @param string $username
* @param string $password;
* @return boolean True if the user has entered the correct credentials, false by default.
*/
private function _authenticate($username, $password)
{
if ($this->config['username'] == $username AND $this->config['password'] == sha1($password))
{
return TRUE;
}
return FALSE;
}
//---------------------------------------------------------------------------------
/**
* Gets the input values and cleans them for any unwanted chars.
*
* @param string $field_name The name of the field we want to get the posted values from.
* @return string;
*/
private function _get_input($field_name)
{
return htmlspecialchars($_POST[$field_name]);
}
//---------------------------------------------------------------------------------
/**
* Checks to see if a user is logged in.
*
* @return boolean True if logged in, false by default.
*/
public function is_logged_in()
{
if (isset($_SESSION['authenticated']))
{
return$_SESSION['authenticated'];
}
return FALSE;
}
//---------------------------------------------------------------------------------
/**
* Generates a hashed password from a string.
*
* @param string $password
* @return string
*/
public function generate_password($password)
{
$code = '<h1>Copy and paste this line in the config file.</h1>';
$code .= '$config[\'password\'] = \''. sha1($password) .'\'; // '. $password;
return $code;
}
//---------------------------------------------------------------------------------
/**
* Performs a logour operation by setting the session to an empty array and then
* destroying the session altogether. Once completed it returns the logout message
* located in the configuration.
*
* @param string $password
* @return string
*/
public function do_logout()
{
session_start();
$_SESSION = array();
session_destroy();
return $this->config['logout_message'];
}
}
//Create new instance of the Login class
$login = new Login();
//Run the do_login method
$message = $login->do_login();
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment